Our Services

---

1.  IT/Security Policies and Procedures Development and Update of Information Technology/Security Policies and Procedures.
2. Risk Management IT/Security/Enterprise/Operational assessment of threats and vulnerabilities to calculate risks and establish needed controls.
3. Identity and Access Management Proven methodology to identify and automate identity and access management processes to facilitate the enforcement of segregation of duties.
4. Data Loss Prevention Evaluation of communication and information transfer technologies, procedures and controls to determine data leaks and update or establish controls.
5. ISO 17799 and 27001 Assessments Assessment to determine compliance with ISO 17799 and 27001 standards including maturity model.
6. Penetration Testing Evaluation of system vulnerabilities through ethical hacking including Internal Network, External Network, Wireless ,Web Applications and Social Engineering.
7. Cloud Computing Evaluation Evaluate the security controls of cloud service providers considering internal and regulatory security requirements.
8. IT Strategic Alignment Evaluation of corporate governance structure in terms of its effectiveness in evaluating, planning and implementing risk and compliance measures. 

1. Internal Audit Financial, Operational, IT and other regulatory compliance audits including SSAE16 (SAS-70) examinations. We also assist in the preparation and review of SOX process narratives, preparation of control matrix, testing and remediation procedures.
2. Regulatory Compliance Development of policies , compliance program gap evaluation, risk assessments for SOX, GLBA, PCI, HIPAA, FACTA, BSA/AML, OFAC, and other important regulations.
3. Data Classification Development of information asset inventory, classification, design and implementation of controls according to its classification level.
4. Vendor Management Development of program to ensure an effective selection, monitoring and termination of vendors considering the current risks for cloud computing.
5. Record Management Development a program to classify, store, secure and destruct records based on the organization regulatory requirements.
6. Computer Forensics Services Deliver forensic investigative skills to organizations that are facing issues with technology, financial or legal implications. We identify, collect, preserve, and analyze data in a way that preserves the integrity of the evidence collected so it can be used effectively.
7. Employee Training. Conduct operational and IT/Security training to employees to ensure adherence to corporate policies.

1. BCM Policy Defines the process requirements to ensure that business continuity arrangements continue to meet the needs of the organization in the event of an incident.
2. BCM Governance Involves assigning responsibilities, implementing business continuity in the organization and the ongoing management of business continuity.
3. Business Impact Analysis Determine and document the impact of a disruption to the activities that support its key products and services.
4. Risk Assessment Evaluates the threats to resources such as people, process and technology , their vulnerabilities and the impact that would arise if a threat became an incident.
5. BCM Strategy Determine strategic options for its critical activities and the resources that each activity will require on its resumption.
6. BCM Response Development and implementation of appropriate plans and arrangements to ensure continuity of critical activities, and management of an incident.
7. Exercise and Maintenance Ensures that the program is validated by exercises and review and that they are kept up-to-date.

1. Business Process Improvement Includes the evaluation of departmental processes to identify operational and technical needs and areas of improvement in terms of performance and efficiency.
2. Business Process Re-engineering Redesign the way work is done to better support the organization's mission and reduce costs.
3. Activity Based Costing / Activity Based Management (ABC / ABM) Includes the identification of products, services, and distribution channels true costs and profitability.
4. Business or Strategic Planning Define the corporate strategy or direction, and making decisions on allocating its resources to pursue this strategy.

1. Cybersecurity Risk Assessment Perform a cybersecurity risk assessment to determine current cybersecurity challenges, threats and vulnerabilities.
2. Cybersecurity Roadmap Evaluation of the Cybersecurity risks and threats. Establish a strategic roadmap for MSSP cybersecurity services.
3. MSSP Vendor Selection Utilizing our existing relationships and vendor partnerships to engage the most appropriate cybersecurity solution provider based on a cost-effective approach. 
4. MSSP Implementation and Operations Facilitate the transition with the MSSP service provider considering business and IT strategic objectives. Conduct continuous monitoring by implementing Key Risk Indicators (KRI) for MSSP services.

GreenPoint employs a diverse and innovative teams of professionals to enable our customers to accomplish their missions successfully. We are recognized as a proven team of talented professionals with unmatched expertise. 

We have established enduring relationships with clients to help them achieve their goals due to our relentless pursuit of excellence in all our engagements.

Our professionals brings industry experience to its operations and a cross-section of skills uniquely suited to deliver each of the required projects. 

Our professionals hold certifications such as: CISA, CISM, CRISC, CGEIT, CISSP, PMP, ITIL, MBCP, ISO, and CPA.

Customers of GreenPoint count on us to combine our deep experience with fresh innovative approaches.